At Rise8, we’re in the business of inspiring culture by enabling clients to ruthlessly prioritize end-user value to build, test, and deliver regularly, consistently, and quickly as possible.
You will analyze and assess vulnerabilities across the tech stack (network, infra, platform, apps), investigate available tools and countermeasures to remedy the detected vulnerabilities, and recommend solutions and best practices. You will also automate tests for compliance with security policies and procedures. You will work with leading commercial clouds as well as secure k8s platforms like D2IQ, Tanzu, Rancher, etc. You may also provide expertise for secure management of the stack: monitoring, incident response, disaster recovery, security compliance/auditing, networking, storage, and service brokers.
Secure all the things while hacking the bureaucracy
Continuously improve your product/service to enable high-speed security
Work with teams to automate security toil that can be automated
Work in an environment that supports your individual growth
We practice and teach an approach to information security that applies across industries and organizations, so you’ll experience all types of teams, products, and technologies. And we believe in working at a sustainable pace – you’ll typically infosec hard for 8 hours each day, but then you’re off work to relax, recharge and refocus.
10+ years of a combination of development, security and operations experience
Understanding both native cloud security and monitoring services in a cloud provider, including VPC Service Controls, Firewall, Cloud KMS, Cloud Armor, Cloud
IAM, Cloud Audit Logs, Cloud Security Command Center, and Cloud Security Scanner
Applying cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication, and risk management
Understand the automated provisioning and configuration of IT environments, including tools such as Terraform, Cloud Deployment Manager, Puppet, Chef, Ansible, or PowerShell tools
Knowledge of network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS), anti-malware, vulnerability scanning, encryption, monitoring, and Identity, Credential, and Access Management (ICAM)
Developing technical engineering artifacts, including traceability matrices, network diagrams, data flow diagrams, installation procedures, and operations manuals
Cloud-native security best-practices, such as the AWS Security Pillar of the AWS
Identity and access management best-practices such as least-privileged access control, cloud access policies, cross-account roles etc.
Knowledge administering Active Directory (AD) and GPO’s
Knowledge of server virtualization technologies
Securing large scale cloud and containerized production systems and dealing with security incidents in them
Strong communication skills and interest in a client pairing environment
Applying lean and agile methodologies
BA/BS in Cybersecurity, Computer Science or related field, or equivalent experience
Strong policy understanding of RMF, FEDRAMP, DISA CC SRG, DISA CAP connection, DISA secure routing & endpoints for various DISA Impact Levels (ILs), and determining what services are authorized at various ILs
Strong understanding of the controls inheritance model and controls automation, shared responsibility model, and an understanding of modern RMF methodologies such as Continuous RMF via Ongoing Authorization
AWS and EKS experience
Led implementation of a DoD program’s VPC to IL4/IL5 with CAP connection and full
ATO from the ground up
Implementing NIST controls inheritance and controls automation and cRMF
Non-vendor certifications (one or more): Security+, CISSP, Certified Ethical Hacker
(C|EH), SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, CCNA, or CCNP
Vendor security certifications: AWS Security Specialty, AWS Solutions Architect, AWS Advanced Networking, etc.
Securing Kubernetes and the major cloud providers (CIS Benchmark for Kubernetes and the emerging DoD/DISA Kubernetes STIG
Working directly with clients, especially DoD and/or "Software Factory"
You want to make tomorrow better than today.
You have a passion for high-speed security and you care about risk management over compliance.
You believe the biggest vulnerability in any system is time.
You live to securely reduce cycle time.
You enjoy daily decision making and real product delivery on a balanced team of product management, design, and engineering.
You help ensure project success and client satisfaction.
You enjoy collaborative teams, pairing with team members, and inviting your clients to participate.
You like to work alongside, and learn from, lean and agile leaders.
You are a creative problem solver who is comfortable with uncertainty and can lead the design effort to make better product decisions.
You’re a curious and keen learner who thrives on enhancing your (and our) practices and knowledge.